give more consistent names to taproot functions

ZcashFoundation · Jan 11, 2024 · ab60096 · ab60096
1 parent d0145d9
commit ab60096
Show file tree

Hide file tree

Showing 7 changed files with 42 additions and 40 deletions.
diff --git a/frost-core/src/batch.rs b/frost-core/src/batch.rs
@@ -120,8 +120,8 @@ where
             let z = item.sig.z;
             let mut R = item.sig.R;
             let mut vk = item.vk.element;
-            if <C>::is_need_tweaking() {
-                R = <C>::tweaked_R(&item.sig.R);
+            if <C>::is_taproot_compat() {
+                R = <C>::taproot_compat_R(&item.sig.R);
                 vk = <C>::tweaked_public_key(&item.vk.element);
             }
 

diff --git a/frost-core/src/lib.rs b/frost-core/src/lib.rs
@@ -588,7 +588,7 @@ where
         z = z + signature_share.share;
     }
 
-    if <C>::is_need_tweaking() {
+    if <C>::is_taproot_compat() {
         let challenge = <C>::challenge(
             &group_commitment.0,
             &pubkeys.verifying_key,

diff --git a/frost-core/src/round2.rs b/frost-core/src/round2.rs
@@ -95,12 +95,12 @@ where
     ) -> Result<(), Error<C>> {
         let mut commitment_share = group_commitment_share.0;
         let mut vsh = verifying_share.0;
-        if <C>::is_need_tweaking() {
-            commitment_share = <C>::tweaked_group_commitment_share(
+        if <C>::is_taproot_compat() {
+            commitment_share = <C>::taproot_compat_commitment_share(
                 &group_commitment_share.0,
                 &group_commitment.0
             );
-            vsh = <C>::tweaked_verifying_share(
+            vsh = <C>::taproot_compat_verifying_share(
                 &verifying_share.0,
                 &verifying_key.element
             );
@@ -233,8 +233,8 @@ pub fn sign<C: Ciphersuite>(
     );
 
     // Compute the Schnorr signature share.
-    if <C>::is_need_tweaking() {
-        let signature_share = <C>::compute_tweaked_signature_share(
+    if <C>::is_taproot_compat() {
+        let signature_share = <C>::compute_taproot_compat_signature_share(
             signer_nonces,
             binding_factor,
             group_commitment,

diff --git a/frost-core/src/signing_key.rs b/frost-core/src/signing_key.rs
@@ -47,19 +47,19 @@ where
     pub fn sign<R: RngCore + CryptoRng>(&self, mut rng: R, msg: &[u8]) -> Signature<C> {
         let public = VerifyingKey::<C>::from(*self);
         let mut secret = self.scalar;
-        if <C>::is_need_tweaking() {
+        if <C>::is_taproot_compat() {
             secret = <C>::tweaked_secret_key(secret, &public.element);
         }
         let mut k = random_nonzero::<C, R>(&mut rng);
         let R = <C::Group>::generator() * k;
-        if <C>::is_need_tweaking() {
-            k = <C>::tweaked_nonce(k, &R);
+        if <C>::is_taproot_compat() {
+            k = <C>::taproot_compat_nonce(k, &R);
         }
 
         // Generate Schnorr challenge
         let c: Challenge<C> = <C>::challenge(&R, &public, msg);
 
-        if <C>::is_need_tweaking() {
+        if <C>::is_taproot_compat() {
             let z = <C>::tweaked_z(k, secret, c.0, &public.element);
             Signature { R, z }
         } else {

diff --git a/frost-core/src/traits.rs b/frost-core/src/traits.rs
@@ -256,12 +256,12 @@ pub trait Ciphersuite: Copy + Clone + PartialEq + Debug {
         challenge(R, verifying_key, msg)
     }
 
-    /// determine tweak is need
-    fn is_need_tweaking() -> bool {
+    /// determine code is taproot compatible (used in frost-sepc256k1-tr)
+    fn is_taproot_compat() -> bool {
         false
     }
 
-    /// aggregate tweak z
+    /// aggregate tweak z (used in frost-sepc256k1-tr)
     #[allow(unused)]
     fn aggregate_tweak_z(
         z: <<Self::Group as Group>::Field as Field>::Scalar,
@@ -272,7 +272,7 @@ pub trait Ciphersuite: Copy + Clone + PartialEq + Debug {
         panic!("Not implemented");
     }
 
-    /// tweaked z for SigningKey sign
+    /// tweaked z for SigningKey sign (used in frost-sepc256k1-tr)
     #[allow(unused)]
     fn tweaked_z(
         k: <<Self::Group as Group>::Field as Field>::Scalar,
@@ -284,9 +284,9 @@ pub trait Ciphersuite: Copy + Clone + PartialEq + Debug {
         panic!("Not implemented");
     }
 
-    /// signature_share tweak
+    /// signature_share compatible with taproot (used in frost-sepc256k1-tr)
     #[allow(unused)]
-    fn compute_tweaked_signature_share(
+    fn compute_taproot_compat_signature_share(
         signer_nonces: &crate::round1::SigningNonces<Self>,
         binding_factor: crate::BindingFactor<Self>,
         group_commitment: crate::GroupCommitment<Self>,
@@ -298,23 +298,23 @@ pub trait Ciphersuite: Copy + Clone + PartialEq + Debug {
         panic!("Not implemented");
     }
 
-    /// calculate tweaked public key
+    /// calculate tweaked public key (used in frost-sepc256k1-tr)
     #[allow(unused)]
     fn tweaked_public_key(
         public_key: &<Self::Group as Group>::Element,
     ) -> <Self::Group as Group>::Element {
         panic!("Not implemented");
     }
 
-    /// calculate tweaked R
+    /// calculate taproot compatible R (used in frost-sepc256k1-tr)
     #[allow(unused)]
-    fn tweaked_R(
+    fn taproot_compat_R(
         public_key: &<Self::Group as Group>::Element,
     ) -> <Self::Group as Group>::Element {
         panic!("Not implemented");
     }
 
-    /// tweaked secret
+    /// tweaked secret (used in frost-sepc256k1-tr)
     #[allow(unused)]
     fn tweaked_secret_key(
         secret: <<Self::Group as Group>::Field as Field>::Scalar,
@@ -324,29 +324,29 @@ pub trait Ciphersuite: Copy + Clone + PartialEq + Debug {
         panic!("Not implemented");
     }
 
-    /// tweaked nonce
+    /// calculate taproot compatible nonce (used in frost-sepc256k1-tr)
     #[allow(unused)]
-    fn tweaked_nonce(
+    fn taproot_compat_nonce(
         nonce: <<Self::Group as Group>::Field as Field>::Scalar,
         R: &Element<Self>,
     ) -> <<Self::Group as Group>::Field as Field>::Scalar
     {
         panic!("Not implemented");
     }
 
-    /// tweaked group commitment
+    /// calculate taproot compatible commitment share (used in frost-sepc256k1-tr)
     #[allow(unused)]
-    fn tweaked_group_commitment_share(
+    fn taproot_compat_commitment_share(
         group_commitment_share: &<Self::Group as Group>::Element,
         group_commitment: &<Self::Group as Group>::Element,
     ) -> <Self::Group as Group>::Element
     {
         panic!("Not implemented");
     }
 
-    /// tweaked verifying share
+    /// calculate taproot compatible verifying share (used in frost-sepc256k1-tr)
     #[allow(unused)]
-    fn tweaked_verifying_share(
+    fn taproot_compat_verifying_share(
         verifying_share: &<Self::Group as Group>::Element,
         verifying_key: &<Self::Group as Group>::Element,
     ) -> <Self::Group as Group>::Element

diff --git a/frost-core/src/verifying_key.rs b/frost-core/src/verifying_key.rs
@@ -70,8 +70,8 @@ where
         // where h is the cofactor
         let mut R = signature.R;
         let mut vk = self.element;
-        if <C>::is_need_tweaking() {
-            R = <C>::tweaked_R(&signature.R);
+        if <C>::is_taproot_compat() {
+            R = <C>::taproot_compat_R(&signature.R);
             vk = <C>::tweaked_public_key(&self.element);
         }
         let zB = C::Group::generator() * signature.z;

diff --git a/frost-secp256k1-tr/src/lib.rs b/frost-secp256k1-tr/src/lib.rs
@@ -324,8 +324,8 @@ impl Ciphersuite for Secp256K1Sha256 {
         Challenge::from_scalar(S::H2(&preimage[..]))
     }
 
-    /// determine tweak is need
-    fn is_need_tweaking() -> bool {
+    /// determine code is taproot compatible
+    fn is_taproot_compat() -> bool {
         true
     }
 
@@ -360,8 +360,8 @@ impl Ciphersuite for Secp256K1Sha256 {
         }
     }
 
-    /// compute tweaked signature_share
-    fn compute_tweaked_signature_share(
+    /// signature_share compatible with taproot
+    fn compute_taproot_compat_signature_share(
         signer_nonces: &round1::SigningNonces,
         binding_factor: frost::BindingFactor<S>,
         group_commitment: frost_core::GroupCommitment<S>,
@@ -395,8 +395,8 @@ impl Ciphersuite for Secp256K1Sha256 {
         real_tweaked_pubkey(public_key, &[])
     }
 
-    /// calculate tweaked R
-    fn tweaked_R(R: &<Self::Group as Group>::Element) -> <Self::Group as Group>::Element {
+    /// calculate taproot compatible R
+    fn taproot_compat_R(R: &<Self::Group as Group>::Element) -> <Self::Group as Group>::Element {
         AffinePoint::decompact(&R.to_affine().x()).unwrap().into()
     }
 
@@ -408,8 +408,8 @@ impl Ciphersuite for Secp256K1Sha256 {
         tweaked_secret_key(secret, &public, &[])
     }
 
-    /// tweaked nonce
-    fn tweaked_nonce(
+    /// calculate taproot compatible nonce
+    fn taproot_compat_nonce(
         nonce: <<Self::Group as Group>::Field as Field>::Scalar,
         R: &Element<Self>,
     ) -> <<Self::Group as Group>::Field as Field>::Scalar {
@@ -420,7 +420,8 @@ impl Ciphersuite for Secp256K1Sha256 {
         }
     }
 
-    fn tweaked_group_commitment_share(
+    /// calculate taproot compatible commitment share
+    fn taproot_compat_commitment_share(
         group_commitment_share: &Element<Self>,
         group_commitment: &Element<Self>,
     ) -> Element<Self> {
@@ -431,7 +432,8 @@ impl Ciphersuite for Secp256K1Sha256 {
         }
     }
 
-    fn tweaked_verifying_share(
+    /// calculate taproot compatible verifying share
+    fn taproot_compat_verifying_share(
         verifying_share: &<Self::Group as Group>::Element,
         verifying_key: &<Self::Group as Group>::Element,
     ) -> <Self::Group as Group>::Element {